Re: [spamdyke-users] Blocking variations on a "From: " field

2020-09-28 Thread BC via spamdyke-users



On 9/28/2020 7:51 AM, Philip Rhoades via spamdyke-users wrote:



You need to block by header contents as it offers more wildcards:
https://www.spamdyke.org/documentation/README.html#HEADERS


From:*


Hmm . . I thought I had tried that - oh well, I will give it a shot!



I use this technique successfully but found that a space was required, 
thus:


From: *

https://spamdyke.org/mailman/listinfo/spamdyke-users


Re: [spamdyke-users] TLS and LibreSSL

2018-06-04 Thread BC via spamdyke-users


Thank you, Sam.  I went with the traditional OpenSSL just to be sure.


On 6/4/2018 8:06 PM, Sam Clippinger via spamdyke-users wrote:
I have no idea -- I've never used LibreSSL.  As long as they've only 
updated the internal library code and not changed the API, it'll 
probably work fine.


-- Sam Clippinger




On May 26, 2018, at 2:42 PM, BC via spamdyke-users 
<spamdyke-users@spamdyke.org> wrote:




Will spamdyke compile with TLS using the LibreSSL libraries?


___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
https://spamdyke.org/mailman/listinfo/spamdyke-users


Re: [spamdyke-users] MAILER-DAEMON Flood

2016-11-08 Thread BC via spamdyke-users


Well, I have spamdyke-qrv installed and turned on in spamdyke.conf, 
but am still getting stuff like this (maillog):


Nov  8 21:48:51 33a45916-5b78-11e6-a0e5-0cc47a6975be spamdyke[17138]: 
ALLOWED from: filenkokir...@shopon.net to: sergushk...@bk.ru 
origin_ip: 10.0.1.15 origin_rdns: (unknown) auth: (unknown) 
encryption: (none) reason: 250_ok_1478666931_qp_17140


so someone is trying to use my system as a relay, right?

with the resulting MAILER-DAEMON bounce.  The 10.0.1.15 is the IP of 
the jail that qmail runs in.


Any other thoughts?


On 11/7/2016 9:13 AM, Gary Gendel via spamdyke-users wrote:
This doesn't look like it's email originating from your system.  
Instead, it looks like spamdyke has accepted the message and then 
qmail is doing the rejection.  My guess is that it passes through 
spamdyke with an invalid destination user. Qmail then tries to 
reject it.


You can avoid this by adding invalid user checks in spamdyke so it 
doesn't reach qmail by setting 
"recipient-validation-command=" (I use spamdyke-qrv) and 
"reject-recipient=invalid".


Gary





Re: [spamdyke-users] MAILER-DAEMON Flood

2016-11-07 Thread BC via spamdyke-users


Thank you very much. I'll look into that.

On 11/7/2016 9:13 AM, Gary Gendel via spamdyke-users wrote:
This doesn't look like it's email originating from your system.  
Instead, it looks like spamdyke has accepted the message and then 
qmail is doing the rejection.  My guess is that it passes through 
spamdyke with an invalid destination user. Qmail then tries to 
reject it.


You can avoid this by adding invalid user checks in spamdyke so it 
doesn't reach qmail by setting 
"recipient-validation-command=" (I use spamdyke-qrv) and 
"reject-recipient=invalid".




[spamdyke-users] MAILER-DAEMON Flood

2016-11-07 Thread BC via spamdyke-users


It hasn't risen to the level of DDOS, yet, but I'm getting many 
hundreds of these messages per night (and it is now continuing during 
the day).


They look like this:



Hi. This is the qmail-send program at purgatoire.org.
I tried to deliver a bounce message to this address, but the bounce bounced!

:
212.4.107.202 does not like recipient.
Remote host said: 550 5.1.1: Recipient address rejected: 
telcom.es
Giving up on 212.4.107.202.

--- Below this line is the original bounce.




... each one with totally unrelated email and IP addresses and with variable 
sizes and all in MIME format.

I use FreeBSD here.  Running qmail in a jail.  I do use ssmtp running on the 
host (not jailed) in order to get the periodic daily/weekly/monthly reports.

Is someone somehow using my system to try to send spam?

Any idea how to block this?



Re: [spamdyke-users] Localhost relaying denied

2016-10-03 Thread BC via spamdyke-users



On 10/3/2016 6:58 AM, Faris Raouf via spamdyke-users wrote:

dns-blacklist-entry=b.barracudacentral.org


Comment out the above and try it again.



[spamdyke-users] Spamdyke Port Maintainer for FreeBSD Ports

2016-08-17 Thread BC via spamdyke-users


While installing spamdyke on my latest FreeBSD build machine, I saw 
this notice:



Message from spamdyke-5.0.1_1:
===>   NOTICE:

The spamdyke port currently does not have a maintainer. As a result, it is
more likely to have unresolved issues, not be up-to-date, or even be removed in
the future. To volunteer to maintain this port, please create an issue at:

https://bugs.freebsd.org/bugzilla

More information about port maintainership is available at:

https://www.freebsd.org/doc/en/articles/contributing/ports-contributing.html#maintain-port



I claim nothing more than rank amateurish abilities in running a mail 
server for my personal, in-home use and know nothing about how to 
maintain a FreeBSD port.  I'm willing to learn how, but I'm a VERY 
slow learner with an obstinate bone in my head.  Anyone among you who 
uses FreeBSD and spamdyke several levels above me who might be willing 
to assume the maintainership role?




[spamdyke-users] Real Time Blacklists

2016-08-17 Thread BC via spamdyke-users


I'm building out a new server box and figured it is time to revisit my 
configuration files, including spamdyke.conf.  In 2014 I included some 
dns-blacklist-entry="entries...".


But in 2015/2016 my configuration didn't include any.

What say the congregants about the efficacy of RBL usage with spamdyke 
currently?


Do you have favorite entries for the dns-blacklist-entry= parameters?



Re: [spamdyke-users] spam with rDNS resolving to "localhost"

2016-08-09 Thread BC via spamdyke-users


I've got 127.0.0.1 in my "blacklist_ip" file and the system seems to 
be working fine.


On 8/9/2016 4:02 AM, Faris Raouf via spamdyke-users wrote:


Dear all,

We’re having problems with spam being allowed in from IPs with rDNS 
resolving to “localhost”.


This gets past the reject-empty-rdns filter.

Initially I thought these IPs had no rDNS – using dnsstuff, I get no 
result (normally meaning no rDNS). But using host or dig I see the 
IPs really do reverse resolve to localhost.



Example log entry:

spamdyke[24468]: ALLOWED from: sqozt...@vnnic.net.vn to: 
redac...@redacted.tld origin_ip: 113.168.188.219 origin_rdns: 
localhost auth: (unknown) encryption: (none) reason: 
250_ok_1470423419_qp_24501





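A log triage sketch for the two ALLOWED entries quoted in this thread and in the MAILER-DAEMON Flood thread. It is an added example, not part of the original posts and not spamdyke's own code. The field layout is copied from the quoted log lines; the sample lines, `LOCAL_DOMAINS` and the finding names are constructed for illustration.

```python
import ipaddress
import re

# Field layout taken from the spamdyke log lines quoted on this page.
LINE_RE = re.compile(
    r"spamdyke\[(?P<pid>\d+)\]:\s+(?P<verdict>[A-Z_]+) "
    r"from: (?P<sender>\S+) to: (?P<rcpt>\S+) "
    r"origin_ip: (?P<ip>\S+) origin_rdns: (?P<rdns>\S+) "
    r"auth: (?P<auth>\S+) encryption: (?P<enc>\S+) reason: (?P<reason>\S+)"
)
LOCAL_DOMAINS = {"example.org"}  # assumption: domains this server accepts mail for

# Constructed sample lines (documentation IPs and domains, not real traffic).
SAMPLE = [
    "Aug  5 20:56:59 mx spamdyke[101]: ALLOWED from: a@sender.example "
    "to: user@example.org origin_ip: 203.0.113.7 origin_rdns: localhost "
    "auth: (unknown) encryption: (none) reason: 250_ok_1_qp_102",
    "Nov  8 21:48:51 mx spamdyke[201]: ALLOWED from: b@sender.example "
    "to: c@other.example origin_ip: 10.0.1.15 origin_rdns: (unknown) "
    "auth: (unknown) encryption: (none) reason: 250_ok_2_qp_202",
    "Nov  8 21:49:02 mx spamdyke[301]: ALLOWED from: d@sender.example "
    "to: user@example.org origin_ip: 198.51.100.9 origin_rdns: mail.sender.example "
    "auth: (unknown) encryption: (none) reason: 250_ok_3_qp_302",
]

def parse(line):
    """Return the fields of one spamdyke delivery line, or None if it is not one."""
    m = LINE_RE.search(" ".join(line.split()))  # tolerate wrapped syslog lines
    return m.groupdict() if m else None

def findings(entry, local_domains=LOCAL_DOMAINS):
    """List the reasons an ALLOWED delivery deserves a second look."""
    if entry["verdict"] != "ALLOWED":
        return []
    out = []
    remote = not ipaddress.ip_address(entry["ip"]).is_loopback
    # rDNS of "localhost" is only plausible for a loopback origin address.
    if entry["rdns"].rstrip(".").lower() == "localhost" and remote:
        out.append("rdns-localhost-from-remote-ip")
    domain = entry["rcpt"].rpartition("@")[2].lower()
    # Assumption: auth "(unknown)" means the client did not authenticate.
    if domain not in local_domains and entry["auth"] == "(unknown)":
        out.append("unauthenticated-nonlocal-recipient")
    return out

def triage(lines):
    """Return (pid, findings) for every line that produced at least one finding."""
    parsed = (parse(l) for l in lines)
    return [(e["pid"], findings(e)) for e in parsed if e and findings(e)]
```

Set `LOCAL_DOMAINS` to the domains the server actually hosts before running `triage()` over `/var/log/maillog`.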


Re: [spamdyke-users] softlimit error

2016-05-05 Thread BC via spamdyke-users


Ah, the ulimit limits.  I'd forgotten about those and was focusing 
on the "softlimit" word in the error.


Thanks, Sam.

On 5/5/2016 6:35 AM, Sam Clippinger via spamdyke-users wrote:
You're correct that those messages are related to limits, but not 
the ones softlimit can set.  Those messages are about "hard" limits, 
which are set using the "ulimit" command.  I'd guess either BSD has 
a default hard limit or something on your system is setting them 
before spamdyke runs.  Those limits are extremely high, so there's 
very little chance they're going to cause any problems, but spamdyke 
will keep complaining about them as long as log-level is "verbose" 
or higher.




Re: [spamdyke-users] IPv6 Question

2016-05-05 Thread BC via spamdyke-users


That is what I figured.  Thanks, Sam.

On 5/5/2016 6:30 AM, Sam Clippinger via spamdyke-users wrote:
Right now, spamdyke has no support for IPv6 at all, so it can't 
understand that nameserver line.  However, the only consequence 
should be that error message -- it shouldn't have any trouble 
skipping that line and using the IPv4 nameserver.




[spamdyke-users] softlimit error

2016-05-04 Thread BC via spamdyke-users


Now that I've set log-level=excessive, I can see these two errors that 
spamdyke is spitting out a lot:


May  4 13:54:52 Xeon_Right spamdyke[18726]: 
ERROR(undo_softlimit()@spamdyke.c:3226): data segment hard limit is 
less than infinity, could lead to unexplainable crashes: 34359738368
May  4 13:54:52 Xeon_Right spamdyke[18726]: 
ERROR(undo_softlimit()@spamdyke.c:3244): stack size hard limit is less 
than infinity, could lead to unexplainable crashes: 536870912


Seems to be a harmless error report.

Per Sam's suggestion quite some time ago, I quit using the 'softlimit' 
option in the tcpserver startup "run" files.  Available memory >5GiB 
free all the time.  Very fast CPU.  The email part of the server is 
very lightly used as the box is primarily an NAS and for me to play 
and experiment with intellectually.


Had no crashes that I know of - been up for 41+ days since my last 
intentional reboot.


Thoughts?



[spamdyke-users] IPv6 Question

2016-05-04 Thread BC via spamdyke-users


Using FreeBSD here.

In addition to my normal IPv4 connection, I have an IPv6 tunnel set up 
via Hurricane Electric.  Also use unbound as my local DNS cache 
resolver for resolving both IPv4 & IPv6 addresses and it has been 
doing both for over a year now.


spamdyke doesn't seem to like the IPv6 resolver.  /var/log/maillog 
showing LOTS of lines like this (log-level=info):


May  4 13:08:56 Xeon_Right spamdyke[18382]: 
ERROR(load_resolver_file()@search_fs.c:753): invalid/unparsable 
nameserver found: fd00::1


My /etc/resolv.conf file contains these two lines:

nameserver 10.0.0.1
nameserver fd00::1

I didn't think that spamdyke is IPv6 aware?  Shouldn't it ignore the 
second nameserver line above?


In hopes of getting some more info about this, I've set 
log-level=excessive.


Thoughts?



Re: [spamdyke-users] Softlimit messages

2015-06-20 Thread BC via spamdyke-users



Wow. So for example, the starting line for my smtpd-run file looks like 
this:


exec /usr/local/bin/softlimit -m 2 /usr/local/bin/tcpserver 
-4v -R -l $LOCAL \


and I can simply change it to this:

exec /usr/local/bin/tcpserver -4v -R -l $LOCAL \

with impunity?



On 6/20/2015 5:12 PM, Sam Clippinger via spamdyke-users wrote:
IMHO, everyone should delete the softlimit program from their 
servers immediately.  Not that I have a strong opinion on the matter 
or anything. :)





Re: [spamdyke-users] New version: spamdyke 5.0.1

2015-05-01 Thread BC via spamdyke-users


Thank you, Sam.  For so much work on this update, a measly 0.0.1 
version bump belittles it.



On 5/1/2015 11:36 AM, Sam Clippinger via spamdyke-users wrote:

spamdyke lives!

spamdyke version 5.0.1 is now available:
http://www.spamdyke.org/

This version fixes a ton of bugs, including a number of access 
violations that can lead to crashes.  Most importantly, the 
recipient validation feature now works correctly (and has been 
exhaustively tested).


Version 5.0.1 is backwards-compatible with version 5.0.0; simply 
replacing the old binary with the new one should be safe.


-- Sam Clippinger

